69 matches found
CVE-2023-0571 SourceCodester Canteen Management System Add Customer createcustomer.php cross site scripting
A vulnerability has been found in SourceCodester Canteen Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file createcustomer.php of the component Add Customer. The manipulation of the argument name leads to cross site scripting. The attack can b...
WordPress plugin Amelia 跨站脚本漏洞
WordPress is a set of blogging platform developed by Wordpress Foundation using PHP language. WordPress plugin is an application plugin for WordPress. WordPress Amelia Plugin 1.0.46 and earlier versions are vulnerable to a cross-site scripting vulnerability that stems from the program's failure t...
PT-2022-13458 · WordPress · Amelia
Name of the Vulnerable Software and Affected Versions: Amelia WordPress plugin versions up to and including 1.0.46 Description: The issue arises from insufficient escaping and sanitization of the lastName parameter in the /src/Application/Controller/User/Customer/AddCustomerController.php file...
CVE-2012-4932
Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...
CVE-2012-4932
Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...
CVE-2009-3581
Multiple cross-site scripting XSS vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via 1 the DCN Description field in the Accounts Receivables menu item for Add Transaction, 2 the Description field in the Accounts Payable menu item for A...
UBUNTU-CVE-2009-3581
Multiple cross-site scripting XSS vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via 1 the DCN Description field in the Accounts Receivables menu item for Add Transaction, 2 the Description field in the Accounts Payable menu item for A...
CVE-2009-3581
Multiple cross-site scripting XSS vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via 1 the DCN Description field in the Accounts Receivables menu item for Add Transaction, 2 the Description field in the Accounts Payable menu item for A...